Ransomware Sugar

The Sugar ransomware differs from the larger ransomware gangs and focuses its attacks on individual computers of ordinary users and small businesses.

The group emerged in November 2021, it is not very clear why the group chose to do small attacks, but the fact that these computers are easier to break into and do not draw as much attention from authorities, may have been one of the motivations.

The group has been applying RaaS (Ransomware as a Service) tactics, which is the outsourcing of attacks by external agents. Attacks on individual computers are easier to carry out by people with little or no experience.

After Sugar invades the system it downloads some files and only after that the encryption starts, these files are tools that will help the encryption process.

The extension .encoded01 will be added to all files affected by the ransomware, none of these files can be opened.

The extension .encoded01 will be added to all files affected by the ransomware, none of these files can be opened.

The ransom amount is not fixed, but is made according to the amount of encrypted data, the group offers to decrypt 5 files for free to convince the victim that they have the decryption key.

In fact, the group has the decryption key, but there is no guarantee that the key will be released after the ransom is paid, so do not trust the criminals.

There is solution to recover the files encrypted by ransomware, Digital Recovery has developed such solutions.

Recover Files Encrypted by Sugar Ransomware

Digital Recovery has focused its efforts on developing technologies capable of recovering ransomware-encrypted files of any length and on any storage device.


We can recover HDDs, SSDs, Databases, Servers, Virtual Machines, Storages (NAS, DAS, SAN), RAID systems, and others.

We know how sensitive the information of companies that have been attacked by ransomware is, so we provide all our customers with a confidentiality agreement (NDA), all information about the case is completely confidential.

We can recover data anywhere in the world via remote recovery, which drastically reduces the duration of the process.

Start advanced diagnostics now. Contact our experts.

We are always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

AtomSilo Ransomware

Ransomware AtomSilo

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.